Snort mailing list archives

Re: Snort IP blacklist issue (Pulledprok)


From: Shirkdog <shirkdog () gmail com>
Date: Wed, 3 Feb 2016 12:37:42 -0500

Make sure the file specified in pulledpork.conf actually exists.

Check the black_list variable in your config.

On Feb 3, 2016 11:53 AM, "Nicolas Lepolard" <Nicolas.Lepolard () ejco com> wrote:

Hi guys,

I have an issue with my PulledPork installation!

When I try this command, I get this error message:

sudo /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -l

(...)
Checking latest MD5 for snortrules-snapshot-2980.tar.gz....
They Match
Done!
Rules tarball download of community-rules.tar.gz....
IP Blacklist download of http://talosintel.com/feeds/ip-filter.blf....
Reading IP List...
Couldn't read /opt/snort/tmp/648.041857729794-black_list.rules - Aucun fichier ou dossier de ce type
 at /usr/local/bin/pulledpork.pl line 540.
main::read_iplist(HASH(0x2a281f8), "/opt/snort/tmp/648.041857729794-black_list.rules") called at /usr/local/bin/pulledpork.pl line 431
main::rulefetch("open", "IPBLACKLIST0", "/opt/snort/tmp/", "http://talosintel.com/feeds/ip-filter.blf") called at /usr/local/bin/pulledpork.pl line 1946

I've seen other posts about this problem, but I didn't find a solution!

Can you help me, please?

Snort: 2.9.8.0
PulledPork: 0.7.2

Best regards

Nicolas



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest
Snort news!
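
One way to run the check suggested in the reply, as an added example (not part of the original thread and not PulledPork's own code): it reads black_list and temp_path from a pulledpork.conf and reports whether the paths they name exist. temp_path is not mentioned in the thread; it is PulledPork's temp-directory setting, assumed here to be what points at /opt/snort/tmp/ in the trace.

```shell
#!/bin/sh
# Added example: sanity-check the paths a pulledpork.conf points at.
# Usage: sh check_pp_paths.sh /etc/snort/pulledpork.conf   (script name is hypothetical)

# conf_value FILE KEY: print the value of the last uncommented KEY=value line.
conf_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# check_pulledpork_paths FILE: print one line per finding and
# return the number of problems found (0 means both paths look usable).
check_pulledpork_paths() {
    conf=$1
    problems=0
    [ -r "$conf" ] || { echo "FAIL config not readable: $conf"; return 1; }

    black_list=$(conf_value "$conf" black_list)
    temp_path=$(conf_value "$conf" temp_path)   # assumed key, see lead-in

    # The blacklist file named by black_list must already exist.
    if [ -z "$black_list" ]; then
        echo "FAIL black_list is not set"; problems=$((problems + 1))
    elif [ ! -f "$black_list" ]; then
        echo "FAIL black_list file missing: $black_list"
        problems=$((problems + 1))
    else
        echo "OK   black_list $black_list"
    fi

    # The temp directory is where the downloaded *-black_list.rules file lands.
    if [ -z "$temp_path" ]; then
        echo "FAIL temp_path is not set"; problems=$((problems + 1))
    elif [ ! -d "$temp_path" ] || [ ! -w "$temp_path" ]; then
        echo "FAIL temp_path is not a writable directory: $temp_path"
        problems=$((problems + 1))
    else
        echo "OK   temp_path $temp_path"
    fi
    return "$problems"
}

# Run the check only when a config path is given on the command line.
if [ "$#" -gt 0 ]; then
    check_pulledpork_paths "$1"
fi
```

Run it as the same user that runs pulledpork.pl, since the writability test depends on who is asking.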
